#appsec — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #appsec, aggregated by home.social.
-
Proud to share that @doyensec was trusted by Anthropic as one of the security partners validating #Mythos findings as part of Project #Glasswing!
Contact us today to see how our research-driven approach shapes the future of #appsec!
https://www.anthropic.com/research/glasswing-initial-update
#doyensec #security #ai #claude #claudecode #claudemythos #anthropic
-
OWASP Porto had a blast at their latest chapter meeting, celebrating our 25th anniversary in style 🎉 No celebration would be complete without cake! 🎂
#OWASP #25thanniversary #AppSec #CyberSecurity #OWASPPorto #Community
-
More than just security, or why you should control your dependencies
Hello, Habr! My name is Artyom Berdashkevich, and I lead the DevSecOps area at Positive Technologies. Today I want to talk about a topic that only grows more acute with the years: dependency control, and why the usual approaches to it are already catastrophically insufficient. Modern development has long since turned into assembly from ready-made components, where we hardly write code from scratch and instead combine open-source frameworks, libraries and modules. This approach radically speeds up bringing products to market, but the price of speed is transparency. A team often does not know the exact composition of its application until the final build. Why this has become a big problem and what to do about it: read on below the cut.
https://habr.com/ru/companies/pt/articles/1040080/
#cybersecurity #devsecops #sca #легаси #зависимости #cve #безопасная_разработка #docker #sandbox #appsec
-
New #CloudSecTidbits explores how misconfigured AWS ELBs can silently break security boundaries through rule shadowing, CloudFront/WAF bypasses, and alternate routing paths.
We’re also releasing ELBaph — a new read-only tool to map ELB routing graphs, detect exposed paths, and surface real-world attack chains across ALBs/NLBs.
https://blog.doyensec.com/2026/05/25/cloudsectidbits-elbaph-alb.html
#AppSec #Doyensec #AWS #CloudSecurity #AppSec #SecurityResearch
-
Did you read "No Security Meter for AI" (ref: berryvilleiml.com/docs/no-secu...)? If you did, you know that AI should not handle the threat modelling for your software without you double-checking the output. #security #appsec #threatmodeling #ai #machinelearning #ml #games
berryvilleiml.com/docs/no-secu.....
-
Did you read "No Security Meter for AI" (ref: berryvilleiml.com/docs/no-secu...)? If you did, you know that AI should not handle the threat modelling for your software without you double-checking the output. #security #appsec #threatmodeling #ai #machinelearning #ml
berryvilleiml.com/docs/no-securi...
-
Security Tip: Protect your infrastructure by moving away from hardcoded secrets. 🛡️ Storing API keys or database credentials in source code is a recipe for disaster. Instead, use a secrets management tool or environment variables. For maximum security, implement automated rotation to ensure keys expire regularly. This limits the damage if a credential is ever exposed. Stay informed on the latest threats at https://cvedatabase.com #CyberSecurity #InfoSec #CVE #AppSec
-
So I am not allowed to use the word *****, then make sure people have iron balls tied to one of their feet. Unfortunately, it's all too easy to trick an #LLM into doing something it shouldn't do. Which means we really need to think outside the box to #secure them. #appsec #threatmodeling #games
-
@coreysnipes thank you.
I have been at this for a while... both as a security guy who helped get #swsec and #appsec going 28 years ago and as a student of Doug Hofstadter's with a Ph.D. in #cogsci. BIML has been spearheading independent #MLsec since 2019.
-
OWASP Cornucopia just released v3.1.0 github.com/OWASP/cornuc... A special thanks to Prakhar Porwal for implementing the CRE API for the Companion edition (ref: cornucopia.owasp.org/api/docs ). Thank you so much for all your help! #games #cornucopia #owasp #appsec #security #threatmodeling
Release v3.1.0 · OWASP...
-
At AppSec Village, we're proud to have Finite State on board as a Silver Sponsor this year 💀💙
If connected device security is your world — they're worth knowing!
-
Let's talk about security risks from AI, and what to do about them!
https://twp.ai/4hr3GS
Get my free secure coding prompt library here: SecureMyVibe.ca
-
AI-generated code flagged as a "pain waiting to happen" — and it's a fascinating challenge, not a scandal. When the tool writes the code faster than we can review it, the bottleneck shifts from production to understanding. The real question isn't whether AI can code. It's whether we can keep up with auditing what it builds. 🔍 #infosec #AppSec #AICode
https://www.theregister.com/ai-ml/2026/05/16/ai-generated-code-is-pain-waiting-to-happen/5241574
-
Registration requirement for access to our new paper "No Security Meter for AI" has been removed due to urgency of content and to promote frictionless distribution
https://berryvilleiml.com/results/no-security-meter-ai.pdf
Please consider registering, which enables you to receive email notifications from BIML.
-
Chainguard builds secure-by-default open source — hardened containers, language libraries, and VM images that engineering teams (and their agents) can trust.
Gold Sponsor at AppSec Village this year — glad to have them in the village.
#AppSecVillage #AppSec #CyberSecurity #SupplyChain #SponsorShoutout